
Senior SOC Security Engineer
Role summary
We are seeking a Senior SOC Security Engineer for a 24/7 Security Operations Center, focusing on detection engineering, incident response, and software supply chain security. This hands-on role involves leading incident response for various security events, designing and improving detection use cases and threat models, and conducting deep-dive investigations into software supply chain threats. The engineer will also perform threat hunting, enhance SIEM detections, integrate security into CI/CD pipelines, and analyze third-party dependencies. Familiarity with cloud environments and scripting is required. The position is fully remote for U.S. based candidates and operates on a night shift schedule with weekend rotation.
Senior SOC Security Engineer (Detection Engineering & Incident Response) – Remote | Night Shift
We are looking for a Senior SOC Security Engineer to join a growing 24/7 Security Operations Center. This is a hands-on engineering role focused on detection engineering, incident response, and software supply chain security.
This position is ideal for someone who enjoys solving complex security problems, improving detection capabilities, and driving real impact in a SOC environment.
Must Haves:
Mid- to senior-level SOC analyst, ideally with a good understanding of supply chain security
- SOC / incident response
- Detection engineering
- Supply chain security – able to drive this aspect of the security program
⏰ Shift Details
- Primary Shift: 3:00 PM – 12:00 AM (1-hour break)
- Weekend Rotation: Every 5th weekend (Sat/Sun overnight shift)
- Comp days provided before/after weekend rotation
🔧 What You’ll Be Doing
- Lead incident response efforts across a variety of security events, including identity-based and supply chain attacks
- Design and improve detection use cases, alerting logic, and threat models
- Perform deep-dive investigations into software supply chain threats (malicious packages, dependency compromises, etc.)
- Conduct threat hunting to identify emerging attack patterns
- Build and enhance SIEM detections and improve signal-to-noise ratio
- Collaborate with engineering teams to integrate security into CI/CD pipelines
- Analyze and remediate vulnerabilities in third-party dependencies and open-source components
- Mentor junior SOC analysts and contribute to overall SOC maturity
🛠 Required Experience
- Strong background in SOC operations and incident response
- Experience with SIEM/EDR tools (Splunk, Sentinel, QRadar, CrowdStrike, etc.)
- Hands-on experience in detection engineering / alert tuning / threat detection
- Solid understanding of the MITRE ATT&CK framework
- Experience with application security (SAST, DAST, SCA, OWASP Top 10)
- Knowledge of software supply chain security risks (dependency confusion, malicious packages, etc.)
- Familiarity with cloud environments (AWS, Azure, or GCP)
- Scripting/automation experience (Python, PowerShell, or similar)
⭐ Nice to Have
- Experience with tools like jFrog, Socket.dev, or similar SCA platforms
- Background in DevSecOps and CI/CD security integration
- Certifications such as CISSP, GIAC, OSCP, CSSLP
🌎 Location
- 100% Remote (U.S. based candidates only)
💡 What We’re Looking For
- Someone who speaks up, challenges the status quo, and improves systems
- A problem-solver who enjoys building and enhancing detection capabilities
- A hands-on engineer, not just a ticket-closer
📩 Interested?
Apply directly or reach out to learn more.